Comment by lesuorac

2 days ago

> Turns out, this rule was not from IT. It was a requirement from the cybersecurity insurance policy the organization had taken.

I wonder if some of these constraints are to try to find a way not to pay out on the policy.

1 comment

lesuorac

Reply
ang_cire  2 days ago

It absolutely was/is.

To bastardize Douglas Adams: For-profit insurance is a scam; breach insurance, doubly-so.